package com.zxy.servlet;

import java.io.IOException;
import java.util.Date;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

import javax.servlet.ServletException;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import com.zxy.common.Com_Fun;
import com.zxy.common.Com_Para;

public class GetDataServlet extends HttpServlet
{ 
	public GetDataServlet()
	{
		super();
	}

	public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
	{
		doPost(request,response);
	}
	
	public void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException
	{
		boolean bcheckXssChar = false;
		com.zxy.tcp.ServerPageHttp sph = new com.zxy.tcp.ServerPageHttp();
		sph.strIP = request.getRemoteAddr();
		Map map = request.getParameterMap();
		Set keSet = map.entrySet();
		String strUTF8 = "";
		String strGBK = "";
		String strISO = "";
		String jsoncallback = "";
		String jsoncallbackEnd = "";
		String param_name = "";
		String temReferer = "A";
		String temRequUrl = "B";
		String temForward = "C";
		for(Iterator itr = keSet.iterator();itr.hasNext();)
		{
			Map.Entry me = (Map.Entry) itr.next();
			Object okey = me.getKey(); //获取参数名
			Object ov = me.getValue(); //获取参数值
			String[] value = new String[1];
			if(ov instanceof String[])
			{
				value = (String[]) ov;
			}else
			{
				value[0] = ov.toString();
			}
			for(int k = 0;k < value.length;k++)
			{
				strUTF8 += new String(value[k].getBytes("utf-8"),"utf-8");
				strGBK += new String(value[k].getBytes("GBK"),"utf-8");
				strISO += new String(value[k].getBytes("iso-8859-1"),"utf-8");
				String strTem = new String(value[k].getBytes("iso-8859-1"),"utf-8");//iso-8859-1
				if(sph.strUrl.toString().length() != 0)
					sph.strUrl.append("&" + okey + "=" + strTem);//value[k];
				else
					sph.strUrl.append(okey + "=" + strTem); //value[k];
				if(okey.toString().equals("jsoncallback")){
					jsoncallback = strTem;
					if(!java.util.Objects.equals(jsoncallback,"")){
						jsoncallback += "(";
						jsoncallbackEnd = ")";
					}
				}
				if(okey.toString().equals("param_name"))
					param_name = strTem;
				if(sph.checkXssChar(strTem) == true)
				{
					bcheckXssChar = true;
					break;
				}
			}
		}
		String strReferer = request.getHeader("Referer");
		String strRequUrl = request.getRequestURL().toString();
		String strForward = request.getHeader("X-Forwarded-For");		
		if(java.util.Objects.equals(strReferer,null) || java.util.Objects.equals(strReferer,"")){
			strReferer = "";
		}
		else if(strReferer.indexOf("http://") == 0){
			strReferer = strReferer.replace("http://","");
		}
		else if(strReferer.indexOf("https://") == 0){
			strReferer = strReferer.replace("https://","");		
		}		
		if(java.util.Objects.equals(strRequUrl,null) || java.util.Objects.equals(strRequUrl,"")){
			strRequUrl = "";
		}
		else if(strRequUrl.indexOf("http://") == 0){
			strRequUrl = strRequUrl.replace("http://","");
		}
		else if(strRequUrl.indexOf("https://") == 0){
			strRequUrl = strRequUrl.replace("https://","");		
		}
		if(java.util.Objects.equals(strForward,null) || java.util.Objects.equals(strForward,"")){
			strForward = "";
		}
		else if(strForward.indexOf("http://") == 0){
			strForward = strForward.replace("http://","");
		}
		else if(strForward.indexOf("https://") == 0){
			strForward = strForward.replace("https://","");		
		}
		
		//应用层跨域支持 应用层跨域支持控制 
		//0:不支持跨域请求前后端访问必须IP和端口一致，
		//1:半跨域支持前后端IP一致端口可不一致(如nginx配置前后端分离)；
		//2:完全跨域支持,前后端不同IP不同端口访问均支持;
		if(Com_Para.cdi_access_control_allow_methods == 0){
			if(strReferer.indexOf("/") != -1)
			{
				temReferer = strReferer.substring(0,strReferer.indexOf("/"));
			}else
				temReferer = strReferer;
			if(strRequUrl.indexOf("/") != -1)
			{
				temRequUrl = strRequUrl.substring(0,strRequUrl.indexOf("/"));
			}else
				temRequUrl = strRequUrl;
			if(strForward.indexOf("/") != -1)
			{
				temForward = strForward.substring(0,strForward.indexOf("/"));
			}else
				temForward = strForward;
			
		}
		else if(Com_Para.cdi_access_control_allow_methods == 1){
			if(strReferer.indexOf("/") != -1)
			{
				temReferer = strReferer.substring(0,strReferer.indexOf("/"));
			}else
				temReferer = strReferer;
			if(strRequUrl.indexOf("/") != -1)
			{
				temRequUrl = strRequUrl.substring(0,strRequUrl.indexOf("/"));
			}else
				temRequUrl = strRequUrl;
			if(strForward.indexOf("/") != -1)
			{
				temForward = strForward.substring(0,strForward.indexOf("/"));
			}else
				temForward = strForward;
			temReferer = temReferer.split(":")[0];
			temRequUrl = temRequUrl.split(":")[0];
			temForward = temForward.split(":")[0];
		}
		
		if(bcheckXssChar == true)
		{
			response.getWriter().write(jsoncallback
					+ "{\""+param_name+"\":[{\""+com.zxy.common.Com_Fun.getLowUpp("s_result")+"\":\"0\",\""+com.zxy.common.Com_Fun.getLowUpp("error_desc")+"\":\""+com.zxy.common.Com_Fun.s_encode("错误，请勿输入具有攻击性参数")+"\"}]}"+jsoncallbackEnd);
		}
		else if(Com_Para.cdi_access_control_allow_methods == 0
				&& (temReferer.equals(temRequUrl) == false 
				|| temReferer.equals("")))
		{
			response.getWriter().write(jsoncallback
					+ "{\""+param_name+"\":[{\""+com.zxy.common.Com_Fun.getLowUpp("s_result")+"\":\"0\",\""+com.zxy.common.Com_Fun.getLowUpp("error_desc")+"\":\""+com.zxy.common.Com_Fun.s_encode("错误，请勿跨域请求数据")+"\"}]}"+jsoncallbackEnd);
		}
		else if(Com_Para.cdi_access_control_allow_methods == 1 && 
				((temReferer.equals(temRequUrl) == false 
				&& temReferer.equals(temForward) == false) 
				|| temReferer.equals(""))){
			response.getWriter().write(jsoncallback
					+ "{\""+param_name+"\":[{\""+com.zxy.common.Com_Fun.getLowUpp("s_result")+"\":\"0\",\""+com.zxy.common.Com_Fun.getLowUpp("error_desc")+"\":\""+com.zxy.common.Com_Fun.s_encode("错误，请勿跨域请求数据")+"\"}]}"+jsoncallbackEnd);
		}
		else
		{
			//获取post数据
			StringBuffer data = new StringBuffer();
			java.io.BufferedReader reader = null;
			try
			{
				reader = new java.io.BufferedReader(new java.io.InputStreamReader(request.getInputStream()));
				String s;
				while((s = reader.readLine()) != null)
				{
					data.append(s);
				}
			}
			catch(java.io.IOException e)
			{
				e.printStackTrace();
			}
			if(data.toString().length() > 0)
			{
				sph.strUrl.append("&" + data.toString());
				if(sph.checkXssChar(data.toString()) == true)
				{
					bcheckXssChar = true;
				}
			}
			if(bcheckXssChar == true)
			{
				response.getWriter().write(jsoncallback
						+ "{\""+param_name+"\":[{\""+com.zxy.common.Com_Fun.getLowUpp("s_result")+"\":\"0\",\""+com.zxy.common.Com_Fun.getLowUpp("error_desc")+"\":\""+com.zxy.common.Com_Fun.s_encode("错误，请勿输入具有攻击性参数")+"\"}]}"+jsoncallbackEnd);
			}else
			{
				String rel_run = String.valueOf(com.zxy.common.Com_Para.CachePowerControl);
				if(rel_run.equals("1"))
					rel_run = "全局缓存";
				else
					rel_run = "实时读取";
				long dtBeg = new Date().getTime();
				//System.out.println(param_name+"		=>"+rel_run+"begin=>:"+com.zxy.common.Com_Fun.DateTimeStr("yyyy-MM-dd HH:mm:ss:SSS"));
				StringBuilder strResult = sph.PageResult();
				response.setCharacterEncoding(Com_Para.U_CODE);
				response.getWriter().write(strResult.toString());
				long dtend = new Date().getTime();
				//System.out.println(param_name+"		=>"+rel_run+"endok=>:"+com.zxy.common.Com_Fun.DateTimeStr("yyyy-MM-dd HH:mm:ss:SSS"));
//				System.out.println(param_name+"		=>"+rel_run+"耗时(毫秒))=>:"+String.valueOf(dtend-dtBeg));
			}
		}
	}
}
